pulsar-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] jiazhai commented on a change in pull request #3658: [WIP]kerberos authentication between client and broker
Date Sat, 23 Feb 2019 10:40:22 GMT
jiazhai commented on a change in pull request #3658: [WIP]kerberos authentication between client
and broker
URL: https://github.com/apache/pulsar/pull/3658#discussion_r259572463
 
 

 ##########
 File path: pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationDataSource.java
 ##########
 @@ -82,39 +83,77 @@ default String getHttpHeader(String name) {
 
     /**
      * Check if data from Pulsar protocol are available.
-     * 
+     *
      * @return true if this authentication data contain data from Pulsar protocol
      */
     default boolean hasDataFromCommand() {
         return false;
     }
 
     /**
-     * 
+     *
      * @return authentication data which is stored in a command
      */
     default String getCommandData() {
         return null;
     }
 
+
+    /*
+     * SASL
+     */
+
+    /**
+     *
+     * @return authentication data which will be stored in a command
+     */
+    default byte[] getCommandDataBytes() {
 
 Review comment:
   @merlimat, How about we keep the old methods to use String, and new methods use byte[]?
   
   one concern here is: Is it worth to convert between String and Byte using base64?
   As in PulsarApi.proto, we store auth data as bytes in [CommandConnected](https://github.com/apache/pulsar/blob/master/pulsar-common/src/main/proto/PulsarApi.proto#L197),
and in [SaslServer](https://docs.oracle.com/javase/7/docs/api/javax/security/sasl/SaslServer.html)
and [SaslClient](https://docs.oracle.com/javase/7/docs/api/javax/security/sasl/SaslClient.html),
it do the valuate and challenge also use bytes, like this:
   ```
   byte[]  evaluateResponse(byte[] response)
   ```
   This means, we need to convert
   `bytes(proto cmd) <-> String(pulsar api) <-> bytes(sasl api)`
   each time. 
   The benefit to use String is the alignment with old api, while the opposite is useless
converting.  

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message